package com.phynos.web.manager.controller.ajax;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.phynos.dal.model.User;
import com.phynos.web.manager.json.JsonResult;
import com.phynos.web.manager.json.ResultCodeEnum;

@Controller
@RequestMapping("/ajax/sys")
public class SystemParaController extends BaseJsonController {
	
	/**
	 * 测试1：注解实现授权
	 * @return
	 */
	@RequiresPermissions("system:test1")
	@RequestMapping(value="/test1",method=RequestMethod.GET)
	@ResponseBody
	public JsonResult test1(){		
		System.out.println("test1");
		return JsonResult.code(ResultCodeEnum.OK);
	}
	
	/**
	 * 测试2：编程实现授权
	 * @return
	 */
	@RequestMapping(value="/test2",method=RequestMethod.GET)
	@ResponseBody
	public JsonResult test2(){		
		org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject();
		boolean permitted = currentUser.isPermitted("system:test2");
		if(permitted){
			return JsonResult.code(ResultCodeEnum.OK);	
		} else {
			return JsonResult.code(ResultCodeEnum.NOT_HAVE_PERMISSION);
		}
	}
	
	/**
	 * 测试3：取得会话中的绑定信息
	 * @return
	 */
	@RequestMapping(value="/test3",method=RequestMethod.GET)
	@ResponseBody
	public JsonResult test3(){		
		org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject();
		User user = (User)currentUser.getPrincipal();
		return JsonResult.data(user);					
	}
	
	/**
	 * 测试4：动态角色判断
	 * @return
	 */
	@RequestMapping(value="/test4",method=RequestMethod.GET)
	@ResponseBody
	public JsonResult test4(){		
		org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject();
		boolean hasRole = false;
		try {
			currentUser.checkRole("1");
			hasRole = true;
		} catch (AuthorizationException e) {
			e.printStackTrace();
		}
		if(hasRole){
			return JsonResult.code(ResultCodeEnum.OK);	
		} else {
			return JsonResult.code(ResultCodeEnum.NOT_HAVE_PERMISSION);
		}				
	}
	
	/**
	 * 测试5：注解实现角色授权
	 * @return
	 */
	@RequiresRoles("1")
	@RequestMapping(value="/test5",method=RequestMethod.GET)
	@ResponseBody
	public JsonResult test5(){		
		return JsonResult.code(ResultCodeEnum.OK);
	}
	
	
	@RequestMapping(value="/test6",method=RequestMethod.GET)
	@ResponseBody
	public JsonResult test6(){
		return JsonResult.code(ResultCodeEnum.OK);
	}
	
}